<?php
include("include/config.inc.php");
//include("class.php");
if(!isset($_SESSION['s_activId']))
{
  header("Location:checkLogin.php");
  exit();
}
else
{	
	$msg = "";
  if(isset($_POST['oldPassword']))
  {
    $selectQuery = "SELECT password 
                      FROM user 
                     WHERE userName = '".$_SESSION['s_activId']."'
                       AND password = '".$_POST['oldPassword']."'";
    $selectQueryResult = mysql_query($selectQuery);
    if($afectedAny = mysql_fetch_array($selectQueryResult))
    {
    	 $afectedAny['password'];
      if(($afectedAny['password']) == ($_REQUEST['oldPassword']))
      {
        $updateQuery = "UPDATE user 
                           SET password = '".$_POST['newPassword']."'
                         WHERE userName = '".$_SESSION['s_activId']."'
                           AND password = '".$_REQUEST['oldPassword']."'";
        mysql_query($updateQuery);
        header("Location:./index.php");
      }
    }
    else
    {
      $msg = "Password Not Change";
    }    
  }
  include("./bottom.php");
  $smarty->assign("msg",$msg);
  $smarty->display("changePassword.tpl");
}

?>